diff --git a/custom-post-type-ui.php b/custom-post-type-ui.php index c30cee7c..3cd3f9f6 100644 --- a/custom-post-type-ui.php +++ b/custom-post-type-ui.php @@ -16,11 +16,13 @@ * Plugin URI: https://github.com/WebDevStudios/custom-post-type-ui/ * Description: Admin UI panel for registering custom post types and taxonomies in WordPress * Author: WebDevStudios - * Version: 1.13.4 + * Version: 1.13.5 * Author URI: https://webdevstudios.com/ * Text Domain: custom-post-type-ui * Domain Path: /languages * License: GPL-2.0+ + * Requires at least: 5.9 + * Requires PHP: 5.6 */ // phpcs:disable WebDevStudios.All.RequireAuthor @@ -31,8 +33,8 @@ exit; } -define( 'CPT_VERSION', '1.13.4' ); // Left for legacy purposes. -define( 'CPTUI_VERSION', '1.13.4' ); +define( 'CPT_VERSION', '1.13.5' ); // Left for legacy purposes. +define( 'CPTUI_VERSION', '1.13.5' ); define( 'CPTUI_WP_VERSION', get_bloginfo( 'version' ) ); /** @@ -118,7 +120,7 @@ function cptui_deactivation() { function cptui_load_textdomain() { load_plugin_textdomain( 'custom-post-type-ui' ); } -add_action( 'plugins_loaded', 'cptui_load_textdomain' ); +add_action( 'init', 'cptui_load_textdomain' ); /** * Load our main menu. diff --git a/inc/post-types.php b/inc/post-types.php index 2d73b80e..5f36e6ca 100644 --- a/inc/post-types.php +++ b/inc/post-types.php @@ -1223,7 +1223,7 @@ function cptui_manage_post_types() { ], ]; - $selected = isset( $current ) ? disp_boolean( $current['can_export'] ) : ''; + $selected = ( isset( $current ) && ! empty( $current['can_export'] ) ) ? disp_boolean( $current['can_export'] ) : ''; $select['selected'] = ! empty( $selected ) ? $current['can_export'] : ''; echo $ui->get_select_input( // phpcs:ignore. [ diff --git a/inc/tools-sections/tools-debug.php b/inc/tools-sections/tools-debug.php index b3517882..4ec2f057 100644 --- a/inc/tools-sections/tools-debug.php +++ b/inc/tools-sections/tools-debug.php @@ -20,11 +20,11 @@ function cptui_render_debuginfo_section() { wp_nonce_field( 'cptui_debuginfo_nonce_action', 'cptui_debuginfo_nonce_field' ); if ( ! empty( $_POST ) && isset( $_POST['cptui_debug_info_email'] ) && isset( $_POST['cptui_debuginfo_nonce_field'] ) ) { - wp_verify_nonce( 'cptui_debuginfo_nonce_field', 'cptui_debuginfo_nonce_action' ); - - $email_args = []; - $email_args['email'] = sanitize_text_field( $_POST['cptui_debug_info_email'] ); - $debuginfo->send_email( $email_args ); + if ( wp_verify_nonce( 'cptui_debuginfo_nonce_field', 'cptui_debuginfo_nonce_action' ) ) { + $email_args = []; + $email_args['email'] = sanitize_text_field( $_POST['cptui_debug_info_email'] ); + $debuginfo->send_email( $email_args ); + } } echo '

'; diff --git a/readme.txt b/readme.txt index a0d8f477..42b5cfa5 100644 --- a/readme.txt +++ b/readme.txt @@ -1,14 +1,14 @@ === Custom Post Type UI === Contributors: webdevstudios, pluginize, tw2113, vegasgeek, modemlooper, williamsba1 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3084056 -Tags: custom post types, CPT, CMS, post, types, post type, taxonomy, tax, custom, content types, post types +Tags: custom post types, post type, taxonomy, content types, CPT, CMS, post, types, custom Requires at least: 5.9 -Tested up to: 6.1.1 -Stable tag: 1.13.4 +Tested up to: 6.2 +Stable tag: 1.13.5 License: GPL-2.0+ Requires PHP: 5.6 -Admin UI for creating custom post types and custom taxonomies for WordPress +Admin UI for creating custom content types like post types and taxonomies == Description == @@ -36,6 +36,11 @@ Custom Post Type UI development is managed on GitHub, with official releases pub == Changelog == += 1.13.5 - 2023-03-27 = +* Fixed: Security issue in CPTUI Debug Info screen. +* Fixed: Added `empty()` check for `can_export` parameters. +* Updated: Changed textdomain loading from `plugins_loaded` to `init`. + = 1.13.4 - 2022-12-16 = * Fixed: Character encoding issue on CPTUI setting save in conjunction with PHP8 compatibility. @@ -91,6 +96,11 @@ Custom Post Type UI development is managed on GitHub, with official releases pub == Upgrade Notice == += 1.13.5 - 2023-03-27 = +* Fixed: Security issue in CPTUI Debug Info screen. +* Fixed: Added `empty()` check for `can_export` parameters. +* Updated: Changed textdomain loading from `plugins_loaded` to `init`. + = 1.13.4 - 2022-12-16 = * Fixed: Character encoding issue on CPTUI setting save in conjunction with PHP8 compatibility.